The Lead Incident Responder will serve as a technical expert inside the Security Operations Center for a broadband internet service provider. This position will work across departments and business units of Cox Communications to manage risk and strengthen the security posture of the organization. The position will help drive the evolution of best practices and security monitoring.
Successful candidates will demonstrate strong business acumen and possess a blend of general business, technology and security competencies. This is a unique opportunity to work for a telecommunications company protecting national critical infrastructure! The candidate needs to be passionate about security, evolving SOC response procedures, and developing risk-based threat detections rooted in the MITRE ATT&CK model.
Detect and respond to workstation, server and network incidents using SIEM, behavioral analytics, and network analysis.
Review and respond to escalated security events from Tier I/II analysts.
Respond to malware incidents, reverse engineer binaries, and implement controls.
Respond to service provider network attacks affecting Cox critical network infrastructure and the cloud environment.
Proactively hunt threats within the Cox environment.
Write detection signatures, tune systems / tools, develop automation scripts and correlation rules.
Maintain knowledge of adversary Tactics, Techniques, and Procedures (TTP).
Conduct forensic analysis on systems and engage third-party resources as required.
Contribute to projects, meetings, and ad-hoc requests.
Provide timely and relevant updates to appropriate stakeholders and decision makers.
Four or more years of technical experience in the information security field.
Four or more years of practical experience in an incident response role.
Experience working with and / or managing a SIEM, preferably QRadar.
Ability to understand, modify and create threat detection rules within a SIEM.
Experience with internal and external threat intelligence feeds.
Knowledge and experience with the Windows and Linux operating systems.
Experience using Python, Perl, PowerShell, or an equivalent language.
Excellent written and verbal communication skills.
Ability to execute under pressure.
Ability to perform independent analysis, distill relevant findings and root cause.
Strong analytical writing skills to articulate complex ideas clearly and effectively.
BS in Computer Science, Information Systems, Engineering, etc.
Cloud technology experience and incident response techniques.
Experience with endpoint security agents (Carbon Black, CrowdStrike, etc.).
At least one relevant industry certification – GCIH, CCIA, GIAC, CISSP, CISM, CISA.
Experience with network forensics and associated toolsets (Suricata, Wireshark, PCAP, tcpdump, etc.) and analysis techniques.
Experience with host-based detection and prevention suites (Microsoft SCEP, Carbon Black Response, OSSEC, etc.).
Understanding of log collection and aggregation techniques: Elasticsearch, Logstash, Kibana (ELK), syslog-ng, Windows Event Forwarding (WEF), etc.
About Cox Communications
Cox Communications is committed to creating meaningful moments of human connection through broadband applications and services. The largest private telecom company in America, we proudly serve six million homes and businesses across 18 states. We're dedicated to empowering others to build a better future and celebrate diverse products, people, suppliers, communities and the characteristics that make each one unique. Cox Communications is the largest division of Cox Enterprises, a family-owned business founded in 1898 by Governor James M. Cox.
Cox is an Equal Employment Opportunity employer - All qualified applicants/employees will receive consideration for employment without regard to that individual's age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.
Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.
Primary Location: 6305 Peachtree Dunwoody Rd, Atlanta, GA, US
Division: Cox Communications Inc
Job Level: Individual Contributor
Travel: Yes, 5% of the time
Shift: Day Job
Requisition Number: 1910901
Internal Number: 1910901
About Cox Communications
From the valued customers we connect through our innovative communications services, to the employees we unite through exciting career opportunities, Cox is all about bringing people together and enhancing their lives.
The third-largest U.S. cable company, Cox serves approximately 6 million residences and businesses. Cox Business is a facilities-based provider of voice, video and data solutions for commercial customers, and Cox Media is a full-service provider of national and local cable spot and digital media advertising.
Cox is known for its pioneering efforts in cable, telephone and commercial services, industry-leading customer care, and its outstanding workplaces. We are always looking for talented professionals to join our team! Cox offers competitive salaries, an excellent benefits package (healthcare and 401k matching) and a best-in-class working environment.
For nine years, Cox has been recognized as the top operator for women by Women in Cable Telecommunications; Cox has ranked among DiversityInc's Top 50 Companies for Diversity 11 times. More information about Cox Communications, a wholly owned subsidiary of Cox Enterprises, is available at www.cox.com and www.coxmedia.com.